Protect your Business with these Active Directory Security Best Practices

Bineesh Mathew | January 10, 2022

Every organization's information security team safeguards Active Directory (AD) because it underpins sensitive functions such as network access, credentialing, and authentication. In addition, users, applications, IoT devices, and other critical network connections rely on AD every time they connect to an enterprise's systems. Knowing this, hackers always target Active Directory. Businesses must therefore adhere to Active Directory best practices.

The 2018 healthcare.gov hack is one example of a severe AD breach. Using stolen credentials, attackers could access the database and expose over 75,000 files containing personal data (PII).

Another example is how hackers breached Virgin Mobile's office network in Saudi Arabia, gaining access to the company's email system and Active Directory domain controller, and selling stolen data on private dark web forums.

Semperis, a pioneer in identity-driven cyber resilience for businesses, conducted a survey on cyber disasters and found the following:

  • 84% of organizations consider that the impact of an Active Directory attack can jeopardize the business.
  • 97% of organizations believe that AD is mission-critical.

In this article, we will discuss a few critical Active Directory security best practices that businesses should follow to strengthen their defences against cyberattacks and fraud.


Role of Active Directory Security in Cyber Attacks

Failing to prioritize a proactive, dynamic Active Directory security strategy can have severe consequences. Active Directory is a significant target for attackers because it centralizes user access and authorization across all company levels. Once inside the system, attackers can repeatedly escalate their privileges, granting them access to a wide range of network resources. One security breach in Active Directory can therefore put a company's entire digital infrastructure at risk, allowing hackers to steal sensitive data from all user accounts, databases and apps.


What are Best Practices for Active Directory Security?

Security experts have developed a set of best practices to combat the numerous flaws and exploits that can be used to gain access to Active Directory. Let us look into some of them.


Maintain an Inventory

You must know everything there is to know about an AD to keep it clean and secure. Therefore, you should document naming standards and critical security regulations in addition to every user, service account, machine, and access group.

A detailed, comprehensive inventory of your entire system is the most effective Active Directory security strategy for adhering to the highest standards of AD cybersecurity. Identifying and categorizing all of the computers, devices, users, and domains, along with the naming conventions for your organisational units, should be among your top priorities.
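
One way to build such an inventory, as an added example that is not part of the original article: a PowerShell script that exports users, service accounts, computers, groups and organisational units to CSV and flags stale or non-conforming objects. It assumes the RSAT ActiveDirectory module and read access to the domain; the output folder, the 90-day threshold and the computer naming pattern are hypothetical values.

```powershell
# Added example (not from the article): point-in-time Active Directory inventory.
# Assumes the RSAT ActiveDirectory module and an account with read access.
# $OutDir, $StaleDays and $ComputerNamePattern are hypothetical; use your own standards.
Import-Module ActiveDirectory

$OutDir              = 'C:\ADInventory'
$StaleDays           = 90
$ComputerNamePattern = '^(WS|SRV|DC)-[A-Z]{3}-\d{3}$'   # constructed naming standard
$cutoff              = (Get-Date).AddDays(-$StaleDays)
New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

# Users. An account that carries a servicePrincipalName is counted as a service account.
# LastLogonDate comes from lastLogonTimestamp, which replicates with a delay of up to
# about two weeks, so treat "Stale" as an indicator rather than an exact date.
$users = Get-ADUser -Filter * -Properties LastLogonDate, PasswordLastSet, PasswordNeverExpires, ServicePrincipalName, Description |
    Select-Object SamAccountName, Enabled, Description, LastLogonDate, PasswordLastSet,
        PasswordNeverExpires, DistinguishedName,
        @{ Name = 'IsServiceAccount'; Expression = { @($_.ServicePrincipalName).Count -gt 0 } },
        @{ Name = 'Stale'; Expression = { (-not $_.LastLogonDate) -or ($_.LastLogonDate -lt $cutoff) } }

# Managed service accounts (standalone and group-managed) are a separate object class.
$msas = Get-ADServiceAccount -Filter * |
    Select-Object Name, ObjectClass, Enabled, DistinguishedName

# Computers, checked against the documented naming standard.
$computers = Get-ADComputer -Filter * -Properties OperatingSystem, OperatingSystemVersion, LastLogonDate |
    Select-Object Name, Enabled, OperatingSystem, OperatingSystemVersion, LastLogonDate, DistinguishedName,
        @{ Name = 'MatchesNamingStandard'; Expression = { $_.Name -cmatch $ComputerNamePattern } },
        @{ Name = 'Stale'; Expression = { (-not $_.LastLogonDate) -or ($_.LastLogonDate -lt $cutoff) } }

# Access groups with their scope, type, owner and direct member count.
$groups = Get-ADGroup -Filter * -Properties Description, ManagedBy, Members |
    Select-Object Name, GroupScope, GroupCategory, Description, ManagedBy, DistinguishedName,
        @{ Name = 'DirectMembers'; Expression = { @($_.Members).Count } }

# Organisational units.
$ous = Get-ADOrganizationalUnit -Filter * -Properties Description |
    Select-Object Name, Description, DistinguishedName

# One CSV per object type; @() keeps an empty result from failing the export.
$inventory = [ordered]@{
    users           = $users
    serviceaccounts = $msas
    computers       = $computers
    groups          = $groups
    ous             = $ous
}
foreach ($name in $inventory.Keys) {
    @($inventory[$name]) |
        Export-Csv -Path (Join-Path $OutDir "$name.csv") -NoTypeInformation -Encoding UTF8
}

# Summary to review after each run.
[pscustomobject]@{
    Users                  = @($users).Count
    ServiceAccounts        = @($users | Where-Object IsServiceAccount).Count + @($msas).Count
    EnabledButStaleUsers   = @($users | Where-Object { $_.Enabled -and $_.Stale }).Count
    PasswordNeverExpires   = @($users | Where-Object PasswordNeverExpires).Count
    Computers              = @($computers).Count
    ComputersOffStandard   = @($computers | Where-Object { -not $_.MatchesNamingStandard }).Count
    EmptyGroups            = @($groups | Where-Object { $_.DirectMembers -eq 0 }).Count
    OrganizationalUnits    = @($ous).Count
}
```

Running it on a schedule and comparing the CSV files between runs shows new accounts, machines and groups as they appear.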


Multi-Factor Authentication (MFA)

  • MFA blocks more than 99.9 percent of account compromise attacks.

According to Microsoft, “You can help prevent some of these attacks by banning the use of bad passwords, blocking legacy authentication, and training employees on phishing. However, one of the best things you can do is to just turn on MFA.”

Multi-factor authentication is another critical Active Directory best practice that organizations should follow. Hackers can easily access remote users' computers, often without their knowledge. Using multi-factor authentication (MFA), companies can protect remote devices effectively. With an MFA solution, a user must successfully pass two or more verifications before access is granted. This effectively blocks hackers from gaining access to Active Directory.

The current multi-factor authentication methods include push notification, one-time password, email/SMS code, two-factor token, and biometrics. The following data illustrates how organizations fare with multi-factor authentication.

  • Only 26% of organizations use multi-factor authentication.
  • At 68% of use, mobile push notifications are the most common authentication method.


Establish a Strong Password Policy

Enforcing a strong password policy is another critical best practice for Active Directory security. AD should be able to force users to change their passwords on a regular basis.

Password policy can be used to improve network security by imposing stricter account lockout settings on privileged accounts. If users who have access to sensitive data and applications are locked out of their accounts, they will face a more involved authentication process.
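
Stricter settings for privileged accounts can be applied with a fine-grained password policy, shown here as an added example that is not part of the original article. The policy name, every numeric value and the choice of Domain Admins as the target group are assumptions; fine-grained policies need the Windows Server 2008 domain functional level or later.

```powershell
# Added example (not from the article): stricter password and lockout settings for
# privileged accounts through a fine-grained password policy (PSO).
# The name, the values and the target group below are illustrative assumptions.
Import-Module ActiveDirectory

$TargetGroup = 'Domain Admins'

# 1. Review the domain-wide default policy first.
Get-ADDefaultDomainPasswordPolicy |
    Select-Object MinPasswordLength, PasswordHistoryCount, ComplexityEnabled, MaxPasswordAge,
        LockoutThreshold, LockoutObservationWindow, LockoutDuration

# 2. Define the stricter policy. A lower Precedence number wins when several PSOs apply.
#    LockoutDuration must not be shorter than LockoutObservationWindow.
$pso = @{
    Name                            = 'PSO-PrivilegedAccounts'
    Precedence                      = 10
    MinPasswordLength               = 16
    PasswordHistoryCount            = 24
    ComplexityEnabled               = $true
    ReversibleEncryptionEnabled     = $false
    MinPasswordAge                  = New-TimeSpan -Days 1
    MaxPasswordAge                  = New-TimeSpan -Days 60
    LockoutThreshold                = 5
    LockoutObservationWindow        = New-TimeSpan -Minutes 30
    LockoutDuration                 = New-TimeSpan -Hours 1
    ProtectedFromAccidentalDeletion = $true
}

# 3. Create the policy once and link it to the privileged group.
if (-not (Get-ADFineGrainedPasswordPolicy -Filter "Name -eq '$($pso.Name)'")) {
    New-ADFineGrainedPasswordPolicy @pso
}
$linked = Get-ADFineGrainedPasswordPolicySubject -Identity $pso.Name |
    Where-Object Name -eq $TargetGroup
if (-not $linked) {
    Add-ADFineGrainedPasswordPolicySubject -Identity $pso.Name -Subjects $TargetGroup
}

# 4. Verify: list any user in the group whose effective policy is not the new PSO.
#    Get-ADUserResultantPasswordPolicy returns nothing when only the domain default applies.
$notCovered = Get-ADGroupMember -Identity $TargetGroup -Recursive |
    Where-Object objectClass -eq 'user' |
    Where-Object { (Get-ADUserResultantPasswordPolicy -Identity $_.SamAccountName).Name -ne $pso.Name }

if ($notCovered) {
    Write-Warning 'These accounts are not governed by the privileged-account policy:'
    $notCovered | Select-Object SamAccountName, distinguishedName
} else {
    Write-Output "All user members of '$TargetGroup' resolve to $($pso.Name)."
}
```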


Limit Access to a Privileged Group


"Practice the principle of least privilege. Do not log into a computer with administrator rights unless you must do so to perform specific tasks. Running your computer as an administrator (or as a Power User in Windows) leaves your computer vulnerable to security risks and exploits. Simply visiting an unfamiliar Internet site with these high-privilege accounts can cause extreme damage to your computer, such as reformatting your hard drive, deleting all your files, and creating a new user account with administrative access." 

- Indiana University (Best practices for computer security)

Employee levels define the level of access an employee requires to perform their job. Access to Active Directory should be restricted to employees who require it to perform their jobs properly. Complete access is provided to domain administrators and other privileged groups.

Limiting AD access to a privileged group is an excellent Active Directory security best practice to avoid fraud and safeguard your business.
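
A membership review for the privileged groups, as an added example that is not part of the original article: it lists every direct and nested member and flags accounts that are unapproved, disabled, stale or exempt from password expiry. The approved list, the 60-day threshold and the use of English built-in group names in a single domain are assumptions.

```powershell
# Added example (not from the article): review who holds privileged group membership.
# Assumes the RSAT ActiveDirectory module, a single domain and English group names.
Import-Module ActiveDirectory

$PrivilegedGroups = 'Domain Admins', 'Enterprise Admins', 'Schema Admins', 'Administrators'
$Approved         = 'Administrator', 'adm-alice', 'adm-bob'   # hypothetical sign-off list
$StaleDays        = 60
$cutoff           = (Get-Date).AddDays(-$StaleDays)

$findings = foreach ($groupName in $PrivilegedGroups) {
    $group = Get-ADGroup -Filter "Name -eq '$groupName'"
    if (-not $group) { continue }   # e.g. Enterprise Admins outside the forest root domain

    # Nested groups grant privilege indirectly and are easy to overlook, so report them.
    # Built-in nesting (such as Domain Admins inside Administrators) is expected.
    Get-ADGroupMember -Identity $group |
        Where-Object objectClass -eq 'group' |
        ForEach-Object {
            [pscustomobject]@{
                Group   = $groupName
                Account = $_.SamAccountName
                Issues  = 'nested group grants indirect membership'
            }
        }

    # -Recursive flattens nesting, so indirect members are checked as well.
    foreach ($member in Get-ADGroupMember -Identity $group -Recursive) {
        $issues = @()
        if ($Approved -notcontains $member.SamAccountName) {
            $issues += 'not on approved list'
        }

        if ($member.objectClass -eq 'user') {
            $u = Get-ADUser -Identity $member.distinguishedName -Properties LastLogonDate, PasswordNeverExpires
            if (-not $u.Enabled)         { $issues += 'disabled account still privileged' }
            if ($u.PasswordNeverExpires) { $issues += 'password never expires' }
            if ($u.Enabled -and ((-not $u.LastLogonDate) -or ($u.LastLogonDate -lt $cutoff))) {
                $issues += "no logon in $StaleDays days"
            }
        } else {
            $issues += "non-user principal ($($member.objectClass))"
        }

        if ($issues) {
            [pscustomobject]@{
                Group   = $groupName
                Account = $member.SamAccountName
                Issues  = $issues -join '; '
            }
        }
    }
}

if ($findings) {
    $findings | Sort-Object Group, Account | Format-Table -AutoSize -Wrap
} else {
    Write-Output 'No privileged-group findings.'
}
```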


Educate Your Employees

One of the main challenges of ensuring cybersecurity is that most employees are unaware of the vulnerabilities. Therefore, businesses must educate employees about the risks associated with gaining access to Active Directory and other official business accounts. As a result, cybersecurity is everyone's responsibility, not just the IT team.

Summing Up

Active Directory is the most vulnerable asset in a company because it contains sensitive information that can put organisations at risk. Because of this, it is the responsibility of every employee to investigate and stay protected. Top IT management has to ensure, through regular monitoring, that everyone follows the company's cybersecurity policies, especially its Active Directory best practices.


Frequently Asked Questions


Why is it essential to protect your Active Directory?

If a cyber-attacker gains access to your Active Directory, they will have access to your entire connected database, user accounts, all kinds of information, and applications. This could put your business at risk.


Can active directories be hacked?

Yes, active directories can be easily hacked. Recent cyberattacks have frequently targeted enterprises' active directories, which manage thousands of computers and user accounts.

Spotlight

Q6 Cyber

Organizations of all types and sizes around the world are constantly facing increasingly damaging cyber attacks perpetrated by cyber criminals, “hacktivists”, state-sponsored actors, and malicious insiders.

OTHER ARTICLES
ENTERPRISE SECURITY

The Growing Importance of Cybersecurity Mesh

Article | August 2, 2022

Cybersecurity is widely adopted, with many businesses establishing a secure environment and protocols that, in theory, secure them from cyber-attack. In order to fulfill a holistic shift in the fight against online hostilities, this attitude has expanded throughout the market, with each individual being viewed as a crucial security resource. According to a Simplilearn report, cybercrime has cost the globe $2 trillion by 2019. In 2017, Cybersecurity Ventures anticipated that damage would reach $6 trillion by the end of 2021, driving a $10 billion worldwide investment in cyber-security solutions by 2027 to safeguard against these catastrophic losses. Importance of Cybersecurity Meshes in Business Penncomp stated that if your employees (work-from-home) and resources are located anywhere, your security must extend to those locations as well. If your staff or key infrastructure are placed beyond the usual security perimeter, so are your company's vital assets and documentation. Key corporate assets can now readily exist outside of companies' logical and physical borders. Your organization's security system must now be flexible enough to accommodate an employee working on your company's intellectual property from home. Only by separating policy choices and enforcement can the business security infrastructure achieve this level of flexibility. The new security tracing line will have to be redrawn around identification rather than the conventional physical or logical boundaries. This ensures that the appropriate individuals have access to the appropriate information throughout the network, regardless of where they or the information are located. This also implies that if a policy is established—say, a five-tiered information access policy for workers—the same rules will apply to information access regardless of who attempts to access it or where it is housed in the network. 
Closing Lines The cybersecurity mesh is a vital part of a zero-trust network, in which no device is authorized to access the network. 34% of data leaks and breaches occur within the network, making perimeter-focused security ineffective. A distributed cybersecurity mesh that uses zero trust adjusts to evolving threats and changing access demands. Real-time threat detection and greater asset protection than VPN passwords are possible. The mesh guarantees that all data, systems, and equipment are handled similarly and securely, irrespective of their network location.

Read More
ENTERPRISE SECURITY

Addressing Digital Supply Chain Risks

Article | November 16, 2021

Technology is a constantly evolving landscape in which we adapt and progress year after year, much like the Moore's Law theory of processing speeds. On the other hand, cybersecurity gets more complicated and distinctive as software and hardware vulnerabilities start changing. This makes the digital environment for security professionals bigger and more complex. Digital Supply Chain Risk is one of the top seven cyber security trends for 2022, according to Gartner. Given the recent track record of successful supply chain hacks, CISOs and CIOs should not be surprised. The issue is, how can you successfully prepare your business to defend against a supply chain attack? What Are the Digital Supply Chain's Risks? Whatever definition you choose, there are a lot of threats in the digital supply chain. Physical supply chains that employ IoT, for example, are vulnerable to hacking. According to Ponemon research, although encryption is rising in areas such as freight and manufacturing, 60% of the organizations surveyed revealed partial encryption of their IoT and 61% revealed partial encryption of their IoT platforms. Threats to a company's extended digital ecosystem, on the other hand, are even more concerning. Third-party businesses in your supply chain are not your employees; they are frequently not on-site, and you cannot demand compliance as you do with employees. This is the reason for alarm; according to the Ponemon Institute's latest Cost of a Data Breach study, data breaches committed by third parties increase the cost of a data breach by an average of $207,411. Vendor information security measures are harder to verify, take longer to detect, and may take much longer to fix. Regardless of the fact that third-party information risk is a very serious concern, many companies are unprepared for a supply-side data breach. 
According to Protiviti's 2019 Vendor Risk Management Benchmark Study, only 40% of businesses have a fully developed vendor risk management process in place. A third of those surveyed said they had no risk management program or used an ad hoc risk management method. How Can You Keep the Digital Supply Chain Secure from Risks? Knowing your extended environment isn't as simple as it seems. While you may be aware of your suppliers, you may not be aware of theirs. You can feel helpless to check your suppliers' security procedures. If so, review your vendor management system. Traditional static third-party monitoring, like surveys, isn't adequate to safeguard your data and networks from supply chain bad actors. Static monitoring produces a snapshot of your suppliers' controls at a certain time-what if all their software is patched today, but what about tomorrow? Constant monitoring is the best method to manage third-party partnerships and secure data.

Read More
ENTERPRISE SECURITY

Why Should Businesses Care About Identity Security?

Article | July 20, 2022

In recent years, several of the world's most technology-savvy businesses have experienced identity-related breaches. These occurrences have emphasized how digital identities have evolved to be both today's largest cybersecurity issue and the foundation of current organizational security. It has become evident that a comprehensive, all-hands-on-deck strategy is essential to keep ahead of attackers and make their success more difficult. Why Should Businesses Care About Identity Security? According to CrowdStrike Overwatch team analysis, eight out of ten (80%) breaches are identity-driven. These contemporary attacks often skip the conventional cyber kill chain by utilizing stolen credentials to perform lateral moves and launch larger, more devastating attacks. Identity-driven attacks, however, are particularly difficult to detect. When a genuine user's credentials have been hacked, and an adversary is posing as that user, traditional security processes and tools might make it impossible to distinguish between the user's regular activity and that of the hacker. Identity security is often seen as an organization's final line of defense. These technologies are designed to combat attackers who have escaped existing security measures like endpoint detection and response tools. Identity Security and Zero Trust: How Are They Related? Zero Trust is a security architecture that needs every user, both within and outside of an organization's network, to be verified, approved, and constantly checked for security configuration and posture before allowing or maintaining access to applications and data. Zero Trust implies that there is no conventional network edge; networks can be local, in the cloud, or a mix or hybrid of the two, with resources and employees located everywhere. Businesses that wish to implement the most robust security defenses should combine an identity security solution with a zero-trust security architecture. 
They must also make sure that their chosen solution complies with industry standards, such as those specified by NIST. Closing Lines Many changes are in store for 2022. Indeed, we cannot forecast all the critical challenges and subjects that will arise this year. Could you fill in some of the gaps? A robust identity security solution will provide the business with several benefits and expanded capabilities.

Read More
SOFTWARE SECURITY

The Reasons Why Cyberattack Surfaces Are Rising

Article | July 8, 2022

Increased cyber assets result in growing attack surfaces. So much so that, according to a recent Gartner analysis, the number one security and risk management trend today is attack surface growth. Businesses and security executives must update security policies and processes to prevent growing dangers when new technologies and cyber environments are adopted. Let's discuss the reasons for attack surface growth and how to rethink cyber asset protection in light of them. Reasons Behind Attack Surface Expansion The Multi-Cloud Trend Is Rapidly Expanding Modern businesses are using the cloud to stay up with digital innovation and meet market expectations. For organizations in many locations, a single public cloud provider is no longer appropriate. Choosing one that satisfies organizational demands is difficult. This simple problem-solution gave many organizations the multi-cloud trend. Gartner found that 81% of respondents use two or more cloud services. Multi-cloud is also used to maintain a vendor-agnostic approach and prevent vendor lock-in. To remain ahead of the competition, numerous vendors provide best-of-breed solutions. This is a huge benefit for multi-cloud adopters. For Ever-Growing SaaS Toolchains, Visibility Is an Issue More than 150 SaaS apps are used by companies with 1,000+ employees. Modern businesses embrace more SaaS apps to speed up their workflows. However, as SaaS adoption expands, so do businesses' attack surfaces. The following are the key reasons for SaaS security: Misconfigurations The absence of robust identity and access management system Inadequate disaster recovery planning Problems with data retention Breach of privacy and data security Inability to satisfy regulatory compliance To keep up with SaaS platforms, businesses must have scalable security and compliance policies. 
CAASM Automates Security Gap Identification According to Gartner, Cyber Asset Attack Surface Management (CAASM), Digital Risk Protection Services (DRPS), and External Attack Surface Management (EASM) will enable CISOs to safeguard environments against expanding attack surfaces. CAASM will help security teams in particular to: Gain insight over the cloud and SaaS cyber assets Automatically fill security loopholes. Accelerate incident reaction and clean-up Closing Lines As the attack surface rises, so does the amount of cybercrime that occurs. According to the FBI, cyberattacks have risen 400% since the pandemic began, making it essential to detect and minimize cyberthreats for business's health and future. To defend your company from rising dangers, you must detect gaps in time and adapt to the digital world. There are more targets for attackers to strike since organizational attack surfaces are constantly growing.

Read More

Spotlight

Q6 Cyber

Organizations of all types and sizes around the world are constantly facing increasingly damaging cyber attacks perpetrated by cyber criminals, “hacktivists”, state-sponsored actors, and malicious insiders.

Related News

DATA SECURITY,ENTERPRISE SECURITY,SOFTWARE SECURITY

Titan Security Group Announces Acquisition of Prudential Security, Inc.

Titan Security | September 06, 2022

Titan Security Group, LLC , a leading provider of security solutions headquartered in Chicago, IL, announced today that it has completed the acquisition of the security staffing operation of Prudential Security, Inc. ("Prudential"), a security solutions provider based in Taylor, Michigan. Titan is a portfolio company of Quad C Management, Inc. "We are very excited to welcome the Prudential team to the Titan family. "Our organizations are very complementary, with shared values, culture, and focus on providing a high level of service to our clients and team members. Together, we are better positioned to be a leading regional provider of high-end security services." Dave Pack, CEO of Titan Titan's acquisition of Prudential adds over 700 team members to the Titan brand and expands their existing service area to 14 states including Illinois, Michigan, Wisconsin, Indiana, Alabama, Kansas, Mississippi, North Carolina, New York, Ohio, Pennsylvania, South Carolina, Tennessee, and Texas. "This is an exciting collaboration," said Pack. "Our acquisition strategy is to identify like-minded companies, such as Prudential. Applying our combined talent and resources will lead to new opportunities for our clients and team members." Terms of the acquisition were not disclosed. Security ProAdvisors LLC represented Prudential Security Inc. in the transaction. About Titan Security Titan Security is one of the largest security services firms in the U.S. providing security staffing, consulting, and systems integration of enterprise security solutions including video surveillance, electronic access control, turnstiles, biometrics, visitor management, alarm monitoring and other solutions throughout the Chicago metropolitan area, Northern Indiana and Southern Wisconsin. About Prudential Prudential Security is a recognized leader in the security industry, providing a full range of security solutions to its clients in a wide range of industries. 
Prudential has built its business with a strong foundation of customer service and responsiveness. Prudential's longtime management team responds attentively to client concerns and issues, developing relationships with all clients, and forming a longstanding base of business, allowing Prudential to grow into one of the most sought-after security providers in the country. About Quad-C Founded in 1989 and headquartered in Charlottesville, Virginia, Quad-C is a middle market private equity firm focused on investing in well-established business and consumer services, food & beverage and consumer products, healthcare, industrials, specialty distribution and transportation/logistics companies. In its three-decade history, Quad-C has invested over $4.0 billion of capital in 80 platform companies. The Quad-C team is committed to partnering with entrepreneurs and management teams to accelerate growth and create long-term value.

Read More

DATA SECURITY,ENTERPRISE IDENTITY

Cybeats Announces Partnership with Veracode, an Industry-Leading Application Security Firm

Cybeats | September 29, 2022

Cybeats Technologies Inc., a leading software supply chain risk and security technology provider announces a strategic partnership with Veracode, a leading global provider of application security testing solutions. The partnership will leverage complementary expertise to ensure customers receive the highest standard of cybersecurity solutions. Cybeats' software supply chain security product, SBOM Studio, will be available to customers through Veracode Partners, and the companies will explore joint commercial opportunities. Once generated within the Veracode Continuous Software Security Platform, a Software Bill of Materials (SBOM) can enable greater software security by offering a full inventory of the third-party components used within an application. Cybeats SBOM Studio is an enterprise-class solution that helps companies understand and track third-party components that are an integral part of their own software. Veracode will provide advice and guidance around the commercial deployment of SBOM Studio within its existing customer base. The partnership aims to enable both companies to continue to expand their existing presence in the global cybersecurity market. Through this alliance, the companies' joint customers will be able to maximize their technology investments and procure, develop, and deploy secure software, while reducing the risk of a security breach resulting from weak links in their software supply chain. "As a Veracode Elite Technology Alliance Partner, Cybeats brings additional expert solutions to the frictionless developer experience already offered by our Continuous Software Security Platform," said Laurie Haley, Vice President of Strategic Alliances at Veracode. "By complementing our existing software composition analysis capability, Cybeats' integrated solutions will allow customers to maximize SBOM (Software Bill of Materials) utility and simplify their workflow for greater ROI." 
"We are honoured to partner with Veracode to expand each other's presence in the global cybersecurity market. As the cyber risk related to software supply chain attacks continues to mount, deep visibility and universal transparency using SBOMS is necessary for resilient cybersecurity defense." Yoav Raiter, CEO, Cybeats "In this modern era of rapid development, the importance of time to market and automation is paramount. Together, Veracode and Cybeats offer a substantial contribution to enabling our customers to align with the SBOM market needs and seamlessly support practices mentioned in SSDF NIST 800-218 framework without increasing the overhead on their development and product security teams," said Dmitry Raidman, CTO, Cybeats Through a single, centralized platform offering comprehensive visibility into vulnerabilities using all software security testing types, Veracode delivers one of the industry's only cloud-native solutions that allows partners to onboard quickly and seamlessly, so companies can securely move AppSec to the cloud. As a result of this partnership, Veracode can easily integrate the full breadth of Cybeats' software solutions into their customers' environments. The partner program provides market-leading solutions and services to get partners up and running straight away, with minimal impact to their existing business. Cybeats SBOM Studio SBOM Studio provides organizations with the capability to efficiently manage SBOM and software vulnerabilities, and provides proactive mitigation of risks to their software supply chain. Key product features include robust software supply chain intelligence, universal SBOM document management and repository, continuous vulnerability, threat insights, precise risk management, open source software license infringement and utilization, and secure SBOM exchange with regulatory authorities, customers and vendors, at reduced cost. 
About Cybeats Cybeats is a leading software supply chain intelligence technology provider, helping organizations manage risk, meet compliance and secure software from procurement, development through operation. Our platform provides customers with deep visibility and universal transparency into their software supply chain, as a result enables them to increase operational efficiencies and revenue. Cybeats. Software Made Certain.

Read More

DATA SECURITY,ENTERPRISE IDENTITY

Illumio Introduces New Solution to Stop Endpoint Ransomware from Spreading Across the Hybrid Attack Surface

Illumio | September 29, 2022

Illumio, Inc., the Zero Trust Segmentation company, today announced Illumio Endpoint®, a reimagined way to prevent breaches from spreading to clouds and data centers from laptops. Hybrid work has expanded the attack surface, introducing new threats and making organizations more vulnerable, so it’s become increasingly important for employees to have secure access to applications and data wherever they are located. Unlike other Zero Trust Segmentation solutions, Illumio Endpoint lets your policy follow your teams’ laptops wherever they work, whether at home, in the office, or at a coffee shop. With Illumio Endpoint, the first device that gets infected will also be the last. Organizations are more interconnected and vulnerable in hybrid workplaces, and the attack surface is growing increasingly complex. Additionally, attacks on hybrid work environments are more expensive, costing an average of about $600K more than the global average. Even with endpoint detection and response tools in place, endpoints still get breached – according to ESG, 76 percent of organizations experienced a ransomware attack in the past two years alone. Illumio Endpoint includes: Extended visibility and segmentation policy controls for macOS and Windows devices, allowing organizations to see risk and stop attacks from spreading from laptops, workstations, and VDIs. A single, unified console to see and manage visibility and segmentation policy across endpoints, clouds, and data centers, making Zero Trust Segmentation easier, faster, and more efficient for security teams. Work from anywhere support with segmentation policy that follows the device, so organizations have the confidence that their networks are secure, and their employees can remain productive while working from anywhere. 
The ability to control application access so users can only reach the necessary applications from their device, not the entire data center and cloud, minimizing the organization's risk from vulnerable or compromised endpoints. "Before Illumio, we had only a slim idea of what kind of communications were running across our network. But with Illumio, we clearly see exactly what's connecting to individual endpoints. David Ault, VP of Information Security at Telhio Credit Union “The hybrid workforce is here to stay, which exposes organizations to a more complex attack surface and more risk, particularly on the endpoint,” said Mario Espinoza, Chief Product Officer at Illumio. “It’s important to have tools that can detect and respond to an identified breach, but unidentified attacks can spread throughout the organization to access critical data and assets when Zero Trust Segmentation is not in place to proactively contain the breach. With Illumio Endpoint, security leaders will gain the comprehensive protection needed to build resilience to attacks throughout their hybrid IT and as employees work from anywhere.” “Ransomware and other cyberattacks often involve end user devices somewhere in the attack chain, moving laterally on to other higher-value assets,” said Dave Gruber, Principal Analyst, ESG. “Because attackers continue to find ways in and move laterally fast, prevention, detection and response mechanisms can fall short stopping these fast-moving attacks. Containment strategies such as Zero Trust Segmentation across endpoint devices can proactively stop ransomware and other fast-moving attacks from spreading to critical infrastructure and assets, reducing risk.” About Illumio Illumio, the Zero Trust Segmentation company, stops breaches and ransomware from spreading across the hybrid attack surface. 
The Illumio ZTS Platform visualizes all traffic flows between workloads, devices and the internet, automatically sets granular segmentation policies to control communications, and isolates high-value assets and compromised systems proactively or in response to active attacks. Illumio protects organizations of all sizes, from Fortune 100 to small business, by stopping breaches and ransomware in minutes, saving millions of dollars in application downtime, and accelerating cloud and digital transformation projects.

Read More

DATA SECURITY,ENTERPRISE SECURITY,SOFTWARE SECURITY

Titan Security Group Announces Acquisition of Prudential Security, Inc.

Titan Security | September 06, 2022

Titan Security Group, LLC, a leading provider of security solutions headquartered in Chicago, IL, announced today that it has completed the acquisition of the security staffing operation of Prudential Security, Inc. ("Prudential"), a security solutions provider based in Taylor, Michigan. Titan is a portfolio company of Quad C Management, Inc.

"We are very excited to welcome the Prudential team to the Titan family. Our organizations are very complementary, with shared values, culture, and focus on providing a high level of service to our clients and team members. Together, we are better positioned to be a leading regional provider of high-end security services."
Dave Pack, CEO of Titan

Titan's acquisition of Prudential adds over 700 team members to the Titan brand and expands their existing service area to 14 states including Illinois, Michigan, Wisconsin, Indiana, Alabama, Kansas, Mississippi, North Carolina, New York, Ohio, Pennsylvania, South Carolina, Tennessee, and Texas.

"This is an exciting collaboration," said Pack. "Our acquisition strategy is to identify like-minded companies, such as Prudential. Applying our combined talent and resources will lead to new opportunities for our clients and team members."

Terms of the acquisition were not disclosed. Security ProAdvisors LLC represented Prudential Security Inc. in the transaction.

About Titan Security

Titan Security is one of the largest security services firms in the U.S. providing security staffing, consulting, and systems integration of enterprise security solutions including video surveillance, electronic access control, turnstiles, biometrics, visitor management, alarm monitoring and other solutions throughout the Chicago metropolitan area, Northern Indiana and Southern Wisconsin.

About Prudential

Prudential Security is a recognized leader in the security industry, providing a full range of security solutions to its clients in a wide range of industries. Prudential has built its business with a strong foundation of customer service and responsiveness. Prudential's longtime management team responds attentively to client concerns and issues, developing relationships with all clients, and forming a longstanding base of business, allowing Prudential to grow into one of the most sought-after security providers in the country.

About Quad-C

Founded in 1989 and headquartered in Charlottesville, Virginia, Quad-C is a middle market private equity firm focused on investing in well-established business and consumer services, food & beverage and consumer products, healthcare, industrials, specialty distribution and transportation/logistics companies. In its three-decade history, Quad-C has invested over $4.0 billion of capital in 80 platform companies. The Quad-C team is committed to partnering with entrepreneurs and management teams to accelerate growth and create long-term value.


Cybeats Announces Partnership with Veracode, an Industry-Leading Application Security Firm

Cybeats | September 29, 2022

Cybeats Technologies Inc., a leading software supply chain risk and security technology provider, announces a strategic partnership with Veracode, a leading global provider of application security testing solutions. The partnership will leverage complementary expertise to ensure customers receive the highest standard of cybersecurity solutions. Cybeats' software supply chain security product, SBOM Studio, will be available to customers through Veracode Partners, and the companies will explore joint commercial opportunities.

Once generated within the Veracode Continuous Software Security Platform, a Software Bill of Materials (SBOM) can enable greater software security by offering a full inventory of the third-party components used within an application. Cybeats SBOM Studio is an enterprise-class solution that helps companies understand and track third-party components that are an integral part of their own software. Veracode will provide advice and guidance around the commercial deployment of SBOM Studio within its existing customer base.

The partnership aims to enable both companies to continue to expand their existing presence in the global cybersecurity market. Through this alliance, the companies' joint customers will be able to maximize their technology investments and procure, develop, and deploy secure software, while reducing the risk of a security breach resulting from weak links in their software supply chain.

"As a Veracode Elite Technology Alliance Partner, Cybeats brings additional expert solutions to the frictionless developer experience already offered by our Continuous Software Security Platform," said Laurie Haley, Vice President of Strategic Alliances at Veracode. "By complementing our existing software composition analysis capability, Cybeats' integrated solutions will allow customers to maximize SBOM (Software Bill of Materials) utility and simplify their workflow for greater ROI."

"We are honoured to partner with Veracode to expand each other's presence in the global cybersecurity market. As the cyber risk related to software supply chain attacks continues to mount, deep visibility and universal transparency using SBOMs is necessary for resilient cybersecurity defense."
Yoav Raiter, CEO, Cybeats

"In this modern era of rapid development, the importance of time to market and automation is paramount. Together, Veracode and Cybeats offer a substantial contribution to enabling our customers to align with the SBOM market needs and seamlessly support practices mentioned in SSDF NIST 800-218 framework without increasing the overhead on their development and product security teams," said Dmitry Raidman, CTO, Cybeats.

Through a single, centralized platform offering comprehensive visibility into vulnerabilities using all software security testing types, Veracode delivers one of the industry's only cloud-native solutions that allows partners to onboard quickly and seamlessly, so companies can securely move AppSec to the cloud. As a result of this partnership, Veracode can easily integrate the full breadth of Cybeats' software solutions into their customers' environments. The partner program provides market-leading solutions and services to get partners up and running straight away, with minimal impact to their existing business.

Cybeats SBOM Studio

SBOM Studio provides organizations with the capability to efficiently manage SBOM and software vulnerabilities, and provides proactive mitigation of risks to their software supply chain. Key product features include robust software supply chain intelligence, universal SBOM document management and repository, continuous vulnerability, threat insights, precise risk management, open source software license infringement and utilization, and secure SBOM exchange with regulatory authorities, customers and vendors, at reduced cost.

About Cybeats

Cybeats is a leading software supply chain intelligence technology provider, helping organizations manage risk, meet compliance and secure software from procurement and development through operation. Our platform provides customers with deep visibility and universal transparency into their software supply chain and, as a result, enables them to increase operational efficiencies and revenue. Cybeats. Software Made Certain.


Illumio Introduces New Solution to Stop Endpoint Ransomware from Spreading Across the Hybrid Attack Surface

Illumio | September 29, 2022

Illumio, Inc., the Zero Trust Segmentation company, today announced Illumio Endpoint®, a reimagined way to prevent breaches from spreading to clouds and data centers from laptops. Hybrid work has expanded the attack surface, introducing new threats and making organizations more vulnerable, so it’s become increasingly important for employees to have secure access to applications and data wherever they are located. Unlike other Zero Trust Segmentation solutions, Illumio Endpoint lets your policy follow your teams’ laptops wherever they work, whether at home, in the office, or at a coffee shop. With Illumio Endpoint, the first device that gets infected will also be the last.

Organizations are more interconnected and vulnerable in hybrid workplaces, and the attack surface is growing increasingly complex. Additionally, attacks on hybrid work environments are more expensive, costing an average of about $600K more than the global average. Even with endpoint detection and response tools in place, endpoints still get breached – according to ESG, 76 percent of organizations experienced a ransomware attack in the past two years alone.

Illumio Endpoint includes:

  • Extended visibility and segmentation policy controls for macOS and Windows devices, allowing organizations to see risk and stop attacks from spreading from laptops, workstations, and VDIs.
  • A single, unified console to see and manage visibility and segmentation policy across endpoints, clouds, and data centers, making Zero Trust Segmentation easier, faster, and more efficient for security teams.
  • Work from anywhere support with segmentation policy that follows the device, so organizations have the confidence that their networks are secure, and their employees can remain productive while working from anywhere.
  • The ability to control application access so users can only reach the necessary applications from their device, not the entire data center and cloud, minimizing the organization's risk from vulnerable or compromised endpoints.

"Before Illumio, we had only a slim idea of what kind of communications were running across our network. But with Illumio, we clearly see exactly what's connecting to individual endpoints."
David Ault, VP of Information Security at Telhio Credit Union

“The hybrid workforce is here to stay, which exposes organizations to a more complex attack surface and more risk, particularly on the endpoint,” said Mario Espinoza, Chief Product Officer at Illumio. “It’s important to have tools that can detect and respond to an identified breach, but unidentified attacks can spread throughout the organization to access critical data and assets when Zero Trust Segmentation is not in place to proactively contain the breach. With Illumio Endpoint, security leaders will gain the comprehensive protection needed to build resilience to attacks throughout their hybrid IT and as employees work from anywhere.”

“Ransomware and other cyberattacks often involve end user devices somewhere in the attack chain, moving laterally on to other higher-value assets,” said Dave Gruber, Principal Analyst, ESG. “Because attackers continue to find ways in and move laterally fast, prevention, detection and response mechanisms can fall short stopping these fast-moving attacks. Containment strategies such as Zero Trust Segmentation across endpoint devices can proactively stop ransomware and other fast-moving attacks from spreading to critical infrastructure and assets, reducing risk.”

About Illumio

Illumio, the Zero Trust Segmentation company, stops breaches and ransomware from spreading across the hybrid attack surface. The Illumio ZTS Platform visualizes all traffic flows between workloads, devices and the internet, automatically sets granular segmentation policies to control communications, and isolates high-value assets and compromised systems proactively or in response to active attacks. Illumio protects organizations of all sizes, from Fortune 100 to small business, by stopping breaches and ransomware in minutes, saving millions of dollars in application downtime, and accelerating cloud and digital transformation projects.
